KEYCLOAK-10967 Add JSON body methods for test ldap and smtp connections. Deprecate old form based methods.
parent
b39b84c5dc
commit
75a772f52b
8 changed files with 169 additions and 47 deletions
|
@ -0,0 +1,90 @@
|
|||
package org.keycloak.representations.idm;
|
||||
|
||||
public class TestLdapConnectionRepresentation {
|
||||
|
||||
private String action;
|
||||
private String connectionUrl;
|
||||
private String bindDn;
|
||||
private String bindCredential;
|
||||
private String useTruststoreSpi;
|
||||
private String connectionTimeout;
|
||||
private String componentId;
|
||||
private String startTls;
|
||||
|
||||
public TestLdapConnectionRepresentation() {
|
||||
}
|
||||
|
||||
public TestLdapConnectionRepresentation(String action, String connectionUrl, String bindDn, String bindCredential, String useTruststoreSpi, String connectionTimeout) {
|
||||
this.action = action;
|
||||
this.connectionUrl = connectionUrl;
|
||||
this.bindDn = bindDn;
|
||||
this.bindCredential = bindCredential;
|
||||
this.useTruststoreSpi = useTruststoreSpi;
|
||||
this.connectionTimeout = connectionTimeout;
|
||||
}
|
||||
|
||||
public String getAction() {
|
||||
return action;
|
||||
}
|
||||
|
||||
public void setAction(String action) {
|
||||
this.action = action;
|
||||
}
|
||||
|
||||
public String getConnectionUrl() {
|
||||
return connectionUrl;
|
||||
}
|
||||
|
||||
public void setConnectionUrl(String connectionUrl) {
|
||||
this.connectionUrl = connectionUrl;
|
||||
}
|
||||
|
||||
public String getBindDn() {
|
||||
return bindDn;
|
||||
}
|
||||
|
||||
public void setBindDn(String bindDn) {
|
||||
this.bindDn = bindDn;
|
||||
}
|
||||
|
||||
public String getBindCredential() {
|
||||
return bindCredential;
|
||||
}
|
||||
|
||||
public void setBindCredential(String bindCredential) {
|
||||
this.bindCredential = bindCredential;
|
||||
}
|
||||
|
||||
public String getUseTruststoreSpi() {
|
||||
return useTruststoreSpi;
|
||||
}
|
||||
|
||||
public void setUseTruststoreSpi(String useTruststoreSpi) {
|
||||
this.useTruststoreSpi = useTruststoreSpi;
|
||||
}
|
||||
|
||||
public String getConnectionTimeout() {
|
||||
return connectionTimeout;
|
||||
}
|
||||
|
||||
public void setConnectionTimeout(String connectionTimeout) {
|
||||
this.connectionTimeout = connectionTimeout;
|
||||
}
|
||||
|
||||
public String getComponentId() {
|
||||
return componentId;
|
||||
}
|
||||
|
||||
public void setComponentId(String componentId) {
|
||||
this.componentId = componentId;
|
||||
}
|
||||
|
||||
public String getStartTls() {
|
||||
return startTls;
|
||||
}
|
||||
|
||||
public void setStartTls(String startTls) {
|
||||
this.startTls = startTls;
|
||||
}
|
||||
|
||||
}
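Review bot: `bindCredential` holds the LDAP bind secret (or a `${vault.…}` reference, as the tests in this commit pass) in a plain `String`, and the class has no Javadoc that says so. I would add a class comment along the lines of `/** Request body for the testLDAPConnection admin endpoint; bindCredential is a secret or a vault reference and must not be logged. */`, so that a later generated `toString()` or event serialization does not expose it by accident. The six-argument constructor also leaves `componentId` and `startTls` unset, which is worth stating in its Javadoc since callers must use the setters for those two fields.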
|
|
@ -27,6 +27,7 @@ import org.keycloak.representations.idm.GroupRepresentation;
|
|||
import org.keycloak.representations.idm.PartialImportRepresentation;
|
||||
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.TestLdapConnectionRepresentation;
|
||||
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.DELETE;
|
||||
|
@ -208,16 +209,31 @@ public interface RealmResource {
|
|||
|
||||
@Path("testLDAPConnection")
|
||||
@POST
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
@NoCache
|
||||
@Deprecated
|
||||
Response testLDAPConnection(@FormParam("action") String action, @FormParam("connectionUrl") String connectionUrl,
|
||||
@FormParam("bindDn") String bindDn, @FormParam("bindCredential") String bindCredential,
|
||||
@FormParam("useTruststoreSpi") String useTruststoreSpi, @FormParam("connectionTimeout") String connectionTimeout);
|
||||
|
||||
@Path("testLDAPConnection")
|
||||
@POST
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
@NoCache
|
||||
Response testLDAPConnection(TestLdapConnectionRepresentation config);
|
||||
|
||||
@Path("testSMTPConnection")
|
||||
@POST
|
||||
@NoCache
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
@Deprecated
|
||||
Response testSMTPConnection(@FormParam("config") String config);
|
||||
|
||||
@Path("testSMTPConnection")
|
||||
@POST
|
||||
@NoCache
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
Response testSMTPConnection(@FormParam("config") String config);
|
||||
Response testSMTPConnection(Map<String, String> config);
|
||||
|
||||
@Path("clear-realm-cache")
|
||||
@POST
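Review bot: The two form-based overloads are annotated `@Deprecated` but carry no Javadoc `@deprecated` tag, so users of the admin client get the warning without being told what to call instead. Add `/** @deprecated use {@link #testLDAPConnection(TestLdapConnectionRepresentation)} */` on the form-based `testLDAPConnection`, and the equivalent tag pointing at `testSMTPConnection(Map)` on the form-based SMTP method. The interface body continues outside this hunk.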
|
||||
|
|
|
@ -66,6 +66,7 @@ import org.keycloak.representations.idm.ManagementPermissionReference;
|
|||
import org.keycloak.representations.idm.PartialImportRepresentation;
|
||||
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.TestLdapConnectionRepresentation;
|
||||
import org.keycloak.services.ErrorResponse;
|
||||
import org.keycloak.services.managers.AuthenticationManager;
|
||||
import org.keycloak.services.managers.LDAPConnectionTestManager;
|
||||
|
@ -926,6 +927,8 @@ public class RealmAdminResource {
|
|||
@Path("testLDAPConnection")
|
||||
@POST
|
||||
@NoCache
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
@Deprecated
|
||||
public Response testLDAPConnection(@FormParam("action") String action, @FormParam("connectionUrl") String connectionUrl,
|
||||
@FormParam("bindDn") String bindDn, @FormParam("bindCredential") String bindCredential,
|
||||
@FormParam("useTruststoreSpi") String useTruststoreSpi, @FormParam("connectionTimeout") String connectionTimeout,
|
||||
|
@ -940,6 +943,26 @@ public class RealmAdminResource {
|
|||
return result ? Response.noContent().build() : ErrorResponse.error("LDAP test error", Response.Status.BAD_REQUEST);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test LDAP connection
|
||||
* @return
|
||||
*/
|
||||
@Path("testLDAPConnection")
|
||||
@POST
|
||||
@NoCache
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public Response testLDAPConnection(TestLdapConnectionRepresentation config) {
|
||||
return testLDAPConnection(
|
||||
config.getAction(),
|
||||
config.getConnectionUrl(),
|
||||
config.getBindDn(),
|
||||
config.getBindCredential(),
|
||||
config.getUseTruststoreSpi(),
|
||||
config.getConnectionTimeout(),
|
||||
config.getComponentId(),
|
||||
config.getStartTls());
|
||||
}
|
||||
|
||||
/**
|
||||
* Test SMTP connection with current logged in user
|
||||
*
|
||||
|
@ -950,10 +973,19 @@ public class RealmAdminResource {
|
|||
@Path("testSMTPConnection")
|
||||
@POST
|
||||
@NoCache
|
||||
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
|
||||
@Deprecated
|
||||
public Response testSMTPConnection(final @FormParam("config") String config) throws Exception {
|
||||
Map<String, String> settings = readValue(config, new TypeReference<Map<String, String>>() {
|
||||
});
|
||||
return testSMTPConnection(settings);
|
||||
}
|
||||
|
||||
@Path("testSMTPConnection")
|
||||
@POST
|
||||
@NoCache
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public Response testSMTPConnection(Map<String, String> settings) throws Exception {
|
||||
try {
|
||||
UserModel user = auth.adminAuth().getUser();
|
||||
if (user.getEmail() == null) {
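Review bot: The new JSON overload of `testLDAPConnection` dereferences `config` with no null check, so a request with an empty body would likely end in a NullPointerException (HTTP 500) rather than the 400 the form path returns; a guard such as `if (config == null) return ErrorResponse.error("LDAP test error", Response.Status.BAD_REQUEST);` before the delegation keeps the two paths consistent. The overload has no permission check of its own and relies on the form-based method it delegates to, whose body is outside this hunk. Because this endpoint makes the server connect to a caller-supplied `connectionUrl` with the supplied bind credential, confirm that the check there runs before any connection attempt. The same null question applies to `settings` in the JSON `testSMTPConnection`, whose body also runs past the hunk. The added Javadoc has an empty `@return`; it should describe the 204 and 400 outcomes.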
|
||||
|
|
|
@ -67,10 +67,9 @@ public class SMTPConnectionTest extends AbstractKeycloakTest {
|
|||
realm.users().get(user.getId()).update(user);
|
||||
}
|
||||
|
||||
private String settings(String host, String port, String from, String auth, String ssl, String starttls,
|
||||
private Map<String, String> settings(String host, String port, String from, String auth, String ssl, String starttls,
|
||||
String username, String password) throws Exception {
|
||||
Map<String, String> config = smtpMap(host, port, from, auth, ssl, starttls, username, password, "", "");
|
||||
return writeValueAsPrettyString(config);
|
||||
return smtpMap(host, port, from, auth, ssl, starttls, username, password, "", "");
|
||||
}
|
||||
|
||||
private Map<String, String> smtpMap(String host, String port, String from, String auth, String ssl, String starttls,
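Review bot: With `settings(...)` now returning a `Map`, every call built from it goes to the JSON endpoint, and as far as this hunk shows nothing exercises the deprecated form-based `testSMTPConnection(String)` any more, whereas the LDAP test in this commit keeps one form-based call. Consider keeping a single case that posts the serialized config to the deprecated endpoint until it is removed. `throws Exception` on `settings` may also be droppable now that `writeValueAsPrettyString` is gone, depending on what `smtpMap` declares; its body is outside the hunk.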
|
||||
|
|
|
@ -19,6 +19,7 @@ package org.keycloak.testsuite.admin;
|
|||
|
||||
import org.junit.ClassRule;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.representations.idm.TestLdapConnectionRepresentation;
|
||||
import org.keycloak.services.managers.LDAPConnectionTestManager;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.arquillian.annotation.EnableVault;
|
||||
|
@ -41,50 +42,58 @@ public class UserFederationLdapConnectionTest extends AbstractAdminTest {
|
|||
@Test
|
||||
public void testLdapConnections1() {
|
||||
// Unknown action
|
||||
Response response = realm.testLDAPConnection("unknown", "ldap://localhost:10389", "foo", "bar", "false", null);
|
||||
Response response = realm.testLDAPConnection(new TestLdapConnectionRepresentation("unknown", "ldap://localhost:10389", "foo", "bar", "false", null));
|
||||
assertStatus(response, 400);
|
||||
|
||||
// Bad host
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_CONNECTION, "ldap://localhostt:10389", "foo", "bar", "false", null);
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_CONNECTION, "ldap://localhostt:10389", "foo", "bar", "false", null));
|
||||
assertStatus(response, 400);
|
||||
|
||||
// Connection success
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_CONNECTION, "ldap://localhost:10389", "foo", "bar", "false", null);
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_CONNECTION, "ldap://localhost:10389", "foo", "bar", "false", null));
|
||||
assertStatus(response, 204);
|
||||
|
||||
// Bad authentication
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldap://localhost:10389", "foo", "bar", "false", "10000");
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldap://localhost:10389", "foo", "bar", "false", "10000"));
|
||||
assertStatus(response, 400);
|
||||
|
||||
// Authentication success
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldap://localhost:10389", "uid=admin,ou=system", "secret", "false", null);
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldap://localhost:10389", "uid=admin,ou=system", "secret", "false", null));
|
||||
assertStatus(response, 204);
|
||||
|
||||
// Authentication success with bindCredential from Vault
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldap://localhost:10389", "uid=admin,ou=system", "${vault.ldap_bindCredential}", "false", null));
|
||||
assertStatus(response, 204);
|
||||
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldap://localhost:10389", "uid=admin,ou=system", "${vault.ldap_bindCredential}", "false", null));
|
||||
assertStatus(response, 204);
|
||||
|
||||
// Deprecated form based
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldap://localhost:10389", "uid=admin,ou=system", "${vault.ldap_bindCredential}", "false", null);
|
||||
assertStatus(response, 204);
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLdapConnectionsSsl() {
|
||||
|
||||
Response response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_CONNECTION, "ldaps://localhost:10636", "foo", "bar", "false", null);
|
||||
Response response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_CONNECTION, "ldaps://localhost:10636", "foo", "bar", "false", null));
|
||||
assertStatus(response, 204);
|
||||
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_CONNECTION, "ldaps://localhostt:10636", "foo", "bar", "false", null);
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_CONNECTION, "ldaps://localhostt:10636", "foo", "bar", "false", null));
|
||||
assertStatus(response, 400);
|
||||
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "foo", "bar", "false", null);
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "foo", "bar", "false", null));
|
||||
assertStatus(response, 400);
|
||||
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "uid=admin,ou=system", "secret", "true", null);
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "uid=admin,ou=system", "secret", "true", null));
|
||||
assertStatus(response, 204);
|
||||
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "uid=admin,ou=system", "secret", "true", "10000");
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "uid=admin,ou=system", "secret", "true", "10000"));
|
||||
assertStatus(response, 204);
|
||||
|
||||
// Authentication success with bindCredential from Vault
|
||||
response = realm.testLDAPConnection(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "uid=admin,ou=system", "${vault.ldap_bindCredential}", "true", null);
|
||||
response = realm.testLDAPConnection(new TestLdapConnectionRepresentation(LDAPConnectionTestManager.TEST_AUTHENTICATION, "ldaps://localhost:10636", "uid=admin,ou=system", "${vault.ldap_bindCredential}", "true", null));
|
||||
assertStatus(response, 204);
|
||||
}
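Review bot: In `testLdapConnections1` the vault-backed authentication case appears twice in a row with identical arguments (`"${vault.ldap_bindCredential}", "false", null`), which looks like an accidental duplicate; one of the two call/assert pairs can be dropped. The six-argument constructor used throughout cannot set `componentId` or `startTls`, so the two fields this commit adds to the request body are not covered here. A case that sets them through `setStartTls` and `setComponentId` would pin the JSON mapping.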
|
||||
|
||||
|
|
|
@ -1665,15 +1665,8 @@ module.controller('RealmSMTPSettingsCtrl', function($scope, Current, Realm, real
|
|||
$scope.changed = false;
|
||||
};
|
||||
|
||||
var initSMTPTest = function() {
|
||||
return {
|
||||
realm: $scope.realm.realm,
|
||||
config: JSON.stringify(realm.smtpServer)
|
||||
};
|
||||
};
|
||||
|
||||
$scope.testConnection = function() {
|
||||
RealmSMTPConnectionTester.send(initSMTPTest(), function() {
|
||||
RealmSMTPConnectionTester.save({realm: realm.realm}, realm.smtpServer, function() {
|
||||
Notifications.success("SMTP connection successful. E-mail was sent!");
|
||||
}, function(errorResponse) {
|
||||
if (error.data.errorMessage) {
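Review bot: The error callback of `testConnection` names its parameter `errorResponse`, but the next line reads `error.data.errorMessage`. Unless an `error` variable exists in the enclosing scope (not visible here), a failed SMTP test would throw a ReferenceError instead of showing the server's message. Since the commit already rewrites this call, change the check to `if (errorResponse.data.errorMessage) {` and use the same name in the rest of the callback, which continues outside the hunk.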
|
||||
|
|
|
@ -1661,20 +1661,19 @@ module.controller('LDAPUserStorageCtrl', function($scope, $location, Notificatio
|
|||
var initConnectionTest = function(testAction, ldapConfig) {
|
||||
return {
|
||||
action: testAction,
|
||||
realm: $scope.realm.realm,
|
||||
connectionUrl: ldapConfig.connectionUrl,
|
||||
bindDn: ldapConfig.bindDn,
|
||||
bindCredential: ldapConfig.bindCredential,
|
||||
useTruststoreSpi: ldapConfig.useTruststoreSpi,
|
||||
connectionTimeout: ldapConfig.connectionTimeout,
|
||||
startTls: ldapConfig.startTls,
|
||||
connectionUrl: ldapConfig.connectionUrl && ldapConfig.connectionUrl[0],
|
||||
bindDn: ldapConfig.bindDn && ldapConfig.bindDn[0],
|
||||
bindCredential: ldapConfig.bindCredential && ldapConfig.bindCredential[0],
|
||||
useTruststoreSpi: ldapConfig.useTruststoreSpi && ldapConfig.useTruststoreSpi[0],
|
||||
connectionTimeout: ldapConfig.connectionTimeout && ldapConfig.connectionTimeout[0],
|
||||
startTls: ldapConfig.startTls && ldapConfig.startTls[0],
|
||||
componentId: instance.id
|
||||
};
|
||||
};
|
||||
|
||||
$scope.testConnection = function() {
|
||||
console.log('LDAPCtrl: testConnection');
|
||||
RealmLDAPConnectionTester.save(initConnectionTest("testConnection", $scope.instance.config), function() {
|
||||
RealmLDAPConnectionTester.save({realm: realm.realm}, initConnectionTest("testConnection", $scope.instance.config), function() {
|
||||
Notifications.success("LDAP connection successful.");
|
||||
}, function() {
|
||||
Notifications.error("Error when trying to connect to LDAP. See server.log for details.");
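Review bot: The `x && x[0]` unwrapping in `initConnectionTest` has no comment, and it is the only hint that the component config holds each value as an array while the JSON endpoint takes plain strings. I would add `// component config values are arrays; the test endpoint takes the first value as a string` above the returned object. `componentId: instance.id` and `{realm: realm.realm}` read `instance` and `realm` directly rather than through `$scope` as the neighbouring lines do; the controller's parameter list is truncated in the hunk header, so confirm both names are injected.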
|
||||
|
|
|
@ -429,28 +429,12 @@ module.factory('RegisterRequiredAction', function($resource) {
|
|||
module.factory('RealmLDAPConnectionTester', function($resource, $httpParamSerializer) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/testLDAPConnection', {
|
||||
realm : '@realm'
|
||||
}, {
|
||||
save: {
|
||||
method: 'POST',
|
||||
headers : { 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8' },
|
||||
transformRequest: function (data) {
|
||||
return $httpParamSerializer(data)
|
||||
}
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('RealmSMTPConnectionTester', function($resource, $httpParamSerializer) {
|
||||
return $resource(authUrl + '/admin/realms/:realm/testSMTPConnection', {
|
||||
realm : '@realm'
|
||||
}, {
|
||||
send: {
|
||||
method: 'POST',
|
||||
headers : { 'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8' },
|
||||
transformRequest: function (data) {
|
||||
return $httpParamSerializer(data)
|
||||
}
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
|
|